In article <nU9Y6.84257$Ne5.3248537 / e420r-sjo3.usenetserver.com>, "Mike"
<mike / lepton.fr> wrote:



> mod_ruby sets the SAFE level to 1 so you cannot use tainted strings in
> eval. Cookie values are tainted by default, but you can untaint them if
> you are sure it doesn't contain unexpected expressions. Since you want
> to generate variables, you can untaint them if they contain only certain
> characters:
> value.untaint if value =~ /^\w+$/
> Maybe someone knows what is the real variable-name regexp.   Mike.

Say I have two variables called "name" and "value".  Is the correct way
to create a variable with the given name and value, to use eval, as in ...

   eval "#{name} = #{value}"

or is there a better/cleaner way to do this?